Remove a reference to the `compat.linux.osrelease' sysctl.

As Alexander Leidinger has pointed out: "glibc behaves differently based upon the value of it. It may refuse to do anything if it doesn't understand the value. Changing the value of osrelease is only advised in experimental situations (like in http://wiki.freebsd.org/linux-kernel) and may result even in kernel panics." I've replaced a reference to `compat.linux.osrelease' with a safer example, for setting `security.bsd.see_other_uids=0', which we already use as a sample /etc/sysctl.conf entry anyway.
svn path=/head/; revision=29145
2006-11-29 21:22:35 +00:00 · 2006-11-29 21:22:35 +00:00 · 2f18540604 · 2020-12-08 03:00:23 +00:00
commit 2f18540604
parent a1b483e2cc
1 changed files with 9 additions and 6 deletions
--- a/en_US.ISO8859-1/books/handbook/config/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/config/chapter.sgml
@ -1686,13 +1686,16 @@ cron.*                                          /var/log/cron
 	form.  The specified values are set after the system goes into
 	multi-user mode.  Not all variables are settable in this mode.</para>

-      <para>To turn off logging of fatal signal exits and let Linux
-	programs know they are really running under &os;, the following
-	tunables can be set in <filename>sysctl.conf</filename>:</para>
+      <para>To turn off logging of fatal signal exits and prevent users from
+	seeing processes started from other users, the following tunables can
+	be set in <filename>sysctl.conf</filename>:</para>

-      <programlisting>kern.logsigexit=0       # Do not log fatal signal exits (e.g. sig 11)
-compat.linux.osname=&os;
-compat.linux.osrelease=4.3-STABLE</programlisting>
+      <programlisting># Do not log fatal signal exits (e.g. sig 11)
+kern.logsigexit=0
+
+# Prevent users from seeing information about processes that
+# are being run under another UID.
+security.bsd.see_other_uids=0</programlisting>
    </sect2>
  </sect1>